Western Balkans: Building cybersecurity awareness through local action
Written by Kristiin Jets, Communication Expert at eGA
Cybersecurity awareness cannot develop through policy alone. While strategies and legal frameworks give the necessary direction, real cyber resilience is built where digital risks are encountered every day – in classrooms, small businesses, communities and online spaces.
Through the EU-funded KnowCyber Grants for the Western Balkans, implemented by the e-Governance Academy (eGA), the European Union has focused on this practical layer of cybersecurity. Working with local civil society organisations across the region, the initiative promoted cyber hygiene, responsible online behaviour and a deeper understanding of digital risks, with a strong focus on awareness, education and hands-on skills.
A defining feature of the approach was its local delivery. Six local civil society organisations worked directly with small and medium-sized enterprises (SMEs), young people, educators, journalists and vulnerable groups, tailoring their activities to national contexts and community needs. By engaging audiences that are often hardest to reach through formal policy channels, these local projects helped embed cybersecurity awareness into everyday practices.
The KnowCyber grantees show that cybersecurity awareness is most effective when it is practical, locally grounded and closely connected to everyday realities. While local contexts vary, the core principle remains. Cyber resilience is built through knowledge, habits and informed decision-making. All told, it contributes to a more inclusive and sustainable cybersecurity ecosystem across the Western Balkans.
Montenegro: Strengthening SMEs’ cyber resilience
Focus: Strengthening cybersecurity practices and incident-response mechanisms among SMEs. Although they are the backbone of the national economy, they are particularly exposed to cyber risks.
Action: NGO Secure conducted quantitative research, revealing widespread unfamiliarity with cyber hygiene, limited access to cybersecurity training and weak internal policies and reporting procedures among SMEs. Based on these findings, the project provided targeted training for SMEs together with a national awareness campaign.
Result: Participants reported clear improvements in their ability to recognise phishing attempts, manage passwords securely and understand incident-reporting processes. At the same time, the training was rated as highly useful by SME representatives. By strengthening cyber hygiene at the organisational level, the project showed that cybersecurity resilience directly supports businesses’ economic stability.
“By strengthening SMEs, we are strengthening the entire Montenegrin economy,” said Ivona Dabetic, president of NGO Secure. “Without awareness at the management level, employees are left without guidance, procedures or protection. Our goal was for every business to understand that cyber hygiene is clearly an economic necessity, not a luxury,” she added.
North Macedonia: Reimagining cybersecurity education
Focus: Making cybersecurity education meaningful and engaging for young people by connecting it to their everyday digital lives.
Traditional approaches often struggle to achieve a lasting impact, particularly when cybersecurity is presented as abstract rules detached from students’ everyday digital lives.
Action: Through the SHIELD project, the Center for Innovations and Digital Education Dig-Ed combined digital storytelling, gamification and AI-supported tools. Teachers were trained to use the EduGame AI framework to deliver interactive, age-appropriate lessons based on real-life online situations.
Results:
- 40+ teachers trained
- 2,300+ students tought
- Improved knowledge retention, motivation and confidence in handling online risks
- Reusable gamified learning materials shared among educators
“Cybersecurity is usually taught as a set of rules, and for students, those rules can feel distant and abstract. When learners don’t see themselves in the content, they disengage. Teachers don’t need to become AI experts or game developers. They need confidence, adaptable tools and a framework that supports them. And this is how the SHIELD project can support them.” – Maja Videnovik, co-founder of Dig-Ed Centre
Kosovo: Strengthening cybersecurity for media and civil society
Focus: Reducing cybersecurity risks for independent media and civil society organisations which play a critical role in democratic governance. These organisations depend heavily on digital systems but often lack sufficient resources and become more exposed to cyber threats.
Action: Open Data Kosovo, with Arcus Security, conducted cybersecurity assessments across 11 key areas, followed by tailored technical support, staff training and practical improvement plans aligned with each organisation’s circumstances.
Results:
- Organisations received tailored improvement plans designed to fit their operational realities. Over the course of the project, organisations strengthened their data protection practices, improved incident-response preparedness and increased staff awareness of cybersecurity risks.
- Beyond individual organisations, the project also published a sector-wide report that highlighted systemic cybersecurity challenges faced by the media and civil society in Kosovo, helping to guide future support activities and policy discussions.
“We noticed that when leadership is involved, change happens much faster. Training creates quick wins, but management commitment is what makes those wins sustainable.”– Blerta Thaçi, executive director of Open Data Kosovo
KnowCyber.eu
This Cybersecurity knowledge hub brings together best practices, expert insights and key trends shaping the cybersecurity landscape in the Western Balkans. Developed in close cooperation with regional experts, the platform gives an overview of evolving cyber risks, policy developments and practical approaches to strengthen cyber resilience in the region.
Find out more: KnowCyber.eu
